Secret information stolen from Canadian government in January hack

At the beginning of this year in February, there were reports of an attack on three Canadian federal government departments by unknown perpetrators originating from China. The initial report described a breach of the internal networks used by the Finance Department and the Treasury Board. A revision of that report added Defense Research and Development Canada to the list of targets. The DRDC is a civilian agency of the Department of National Defense.

Upon the release of the details by the CBC in February, government officials made no confirmation of whether or not confidential information was stolen from the network. The official statement made at the time was that an "attempt" was made to access federal networks. A similar statement made by former Conservative MP and Treasury Board president Stockwell Day stated that no confidential information was stolen, that the quick shutdown of the internal networks helped to mitigate any data leaks.

However, a memo obtained by CBC under Canada's Access to Information laws showed that confidential information was indeed stolen and "privileged accounts" were compromised, an indication that the federal government tried to cover up the real extent of the security breach.

Mr. Day, who opted not to run for public office again in the past federal election, claims he was not told of any information leakage while he was minister:

Certainly, on the information that I got, I had full confidence that the systems had moved quickly to shut down, that significant information had not in fact been carried away, and that the ongoing assessment of that by the technicians continues.

All the information that I had been getting, up until the point when I was no longer minister, the folders were protected. The walls had been breached, but it looked like the folders were protected, and now comes the painstaking work of seeing if in fact everything was maintained.

Despite the revelation, the Department of Finance and the Treasury Board continue to enact strict Internet access policies for its employees. Workers do their research and policy work on a separate network that is disconnected from the government's internal networks. Barring that option, they take their laptops with them to nearby coffee shops.

Report a problem with article
Previous Story

Neowin is covering the HP Discover conference next week

Next Story

Gaming news round up: June 2

26 Comments - Add comment